From: Stephen Early Date: Wed, 10 Oct 2001 23:37:00 +0000 (+0100) Subject: Import release 0.1.4 X-Git-Tag: v0.1.4 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=commitdiff_plain;h=08f344d3bdffe4bb83b47b5e2d53758ce231ebc4;ds=sidebyside Import release 0.1.4 --- diff --git a/Makefile.in b/Makefile.in index a3ad397..f53957e 100644 --- a/Makefile.in +++ b/Makefile.in @@ -18,7 +18,7 @@ .PHONY: all clean realclean dist install PACKAGE:=secnet -VERSION:=0.1.3 +VERSION:=0.1.4 @SET_MAKE@ diff --git a/example.conf b/example.conf index 3b4a32f..0d7a546 100644 --- a/example.conf +++ b/example.conf @@ -119,7 +119,7 @@ transform serpent256-cbc { max-sequence-skew 10; }; -include /etc/secnet/sites +include /etc/secnet/sites.conf # Here you must list all the VPN sites that you wish to communicate with. # The /etc/secnet/sites file contains information on all reachable sites; @@ -128,11 +128,15 @@ include /etc/secnet/sites # contains public keys for all sites. sites - site(example-vpn/some-site), - site(example-vpn/some-other-site), - site(example-vpn/a-third-site); + site(vpn-data/example/location1/site1), + site(vpn-data/example/location2/site1), + site(vpn-data/example/location2/site2); # If you want to communicate with all the VPN sites, you can use something # like the following instead: -# sites map(site,makelist(example-vpn)); +# sites map(site,vpn/example/all-sites); + +# If you want to communicate with a subset of locations, try the following: + +# sites map(site,vpn/example/location1,vpn/example/location2); diff --git a/make-secnet-sites.py b/make-secnet-sites.py index 8a64338..8479aaa 100755 --- a/make-secnet-sites.py +++ b/make-secnet-sites.py @@ -42,7 +42,7 @@ reset no-disconnect-hup no-suppress-args cd ~/secnet/sites-test/ -execute ~/secnet/secnet/make-secnet-sites.py -u vpnheader groupfiles sites +execute ~/secnet/make-secnet-sites.py -u vpnheader groupfiles sites This program is part of secnet. It relies on the "ipaddr" library from Cendio Systems AB. @@ -55,7 +55,7 @@ import sys import os import ipaddr -VERSION="0.1.3" +VERSION="0.1.4" class vpn: def __init__(self,name): @@ -146,7 +146,7 @@ class mobileoption: def __init__(self,w): self.w=w def out(self): - return 'netlink-options "soft";' + return '# netlink-options "soft";' def complain(msg): global complaints @@ -385,8 +385,9 @@ else: print "caller not in group %s"%group sys.exit(1) f=open(header) - pfile(header,f.readlines()) + headerinput=f.readlines() f.close() + pfile(header,headerinput) userinput=sys.stdin.readlines() pfile("user input",userinput) else: @@ -456,14 +457,29 @@ if complaints>0: if service: # Put the user's input into their group file, and rebuild the main # sites file - f=open(groupfiledir+"-tmp/"+group,'w') + f=open(groupfiledir+"/T"+group,'w') f.write("# Section submitted by user %s, %s\n"% (user,time.asctime(time.localtime(time.time())))) f.write("# Checked by make-secnet-sites.py version %s\n\n"%VERSION) for i in userinput: f.write(i) f.write("\n") f.close() - os.rename(groupfiledir+"-tmp/"+group,groupfiledir+"/"+group) - # XXX rebuild main sites file! + os.rename(groupfiledir+"/T"+group,groupfiledir+"/R"+group) + f=open(sitesfile+"-tmp",'w') + f.write("# sites file autogenerated by make-secnet-sites.py\n") + f.write("# generated %s, invoked by %s\n"% + (time.asctime(time.localtime(time.time())),user)) + f.write("# use make-secnet-sites.py to turn this file into a\n") + f.write("# valid /etc/secnet/sites.conf file\n\n") + for i in headerinput: f.write(i) + files=os.listdir(groupfiledir) + for i in files: + if i[0]=='R': + j=open(groupfiledir+"/"+i) + f.write(j.read()) + j.close() + f.write("# end of sites file\n") + f.close() + os.rename(sitesfile+"-tmp",sitesfile) else: outputsites(of)